Month: October 2017

In honor of National Cyber Security Awareness Month (NCSAM), I thought it would be helpful to explain three key Wayne State University technology systems that help protect the network and the privacy of employees and students. You may have seen my earlier post on the Virtual Private Network (VPN) — keep an eye out later this month for the final post on secure Wi-Fi!

The second technology I’d like to discuss is two-factor authentication (2FA).

If you have used any WSU self service portals in the past year, you’ve probably encountered 2FA. The question, then, is what exactly is it?

Two-factor authentication adds a second level of verification to an account login by requiring additional proof of identity. When you are entering only a username and password, you are using single factor authentication.

The second factor can be…

Something you know: An extra password, PIN or pattern.

Something you have: An ATM card, fob or your phone.

Something you are: Biometrics like a fingerprint, voice print, iris or facial detection.

Wayne State’s 2FA system uses your phone.

How to use 2FA at WSU

When you log in to a WSU system secured with 2FA, you will be presented with a page that looks like this:

You will be given three options for a second factor of authentication.

Call Me: This option will initiate an automated call to your phone. Upon answering, you will be prompted to push any button on your phone to authenticate.

Enter a Passcode: If you choose this method, you will be sent a text message with a numerical code that you then enter in the blank field on your screen to authenticate.

Send Me a Push: To go this route, you need to download the Duo Mobile app on your iOS or Android smartphone. This choice will send you a push notification that you may quickly authenticate with.

If you choose to authenticate with a call or text, you will be encouraged to download the app.

Once you’ve installed the app, click the button I have Duo Mobile installed to proceed to this screen:

Open the app on your phone, aim the camera at the QR code on your screen, and you’ll be connected to WSU. Click the Continue button once you have finished. You’ll then be asked to sign in to the account and a push notification will be sent to your phone; approve it and you will be connected to the WSU system you are trying to access.

After this first set up, you will be able to use the push notification method whenever you want.

2FA beyond WSU

Privacy is an ever-growing concern and Wayne State is not the only place using two-factor authentication to protect information. More and more sites are using 2FA. Google has an authenticator that can be set up for a number of services, Facebook has several 2FA options, as has Twitter. Check your personal email and social media accounts to activate two-factor authentication and stay in charge of your own data.

At this point, I would guess that basically every Wayne State instructor has learned of the university’s decision to migrate from our current learning management system (LMS), Blackboard (Bb), to a new one called Canvas, which is made by a company called Instructure. This semester I was offered the opportunity — along with about 20 colleagues — to be one of the first instructors to teach classes in Canvas. As I learn about Canvas, I’ll do some journaling about my experiences and share them with the campus community so you have an idea of what to expect.

Knowing that change can be hard for a lot of people, a thoughtful and deliberate process to review and update our LMS has been underway for about one year. I have been involved in this process since the beginning and I am confident that the decision to move to Canvas is the best outcome for the university. You can learn more about the process and the decision at canvasproject.wayne.edu/process.

One huge advantage is that Canvas is a cloud based application—meaning that it is maintained by Instructure an Amazon Web Services hosting. This means that we will never have a moment like the beginning of the last academic year when we experienced several days of downtime. With hundreds of universities dependent on this application Instructure must guarantee reliability. They have the capacity to create backups and redundancies that Wayne State simply cannot create alone.

So, what do I actually think of Canvas?

First of all, I like it very much. Has the move over been without hiccups? No. I didn’t expect it to be. I’ve been using Bb for about 17 years and even though it very frequently drove me insane, I had become accustomed to its user interface and the Bb way of thinking. However, I have already found using Canvas to be more intuitive than Bb ever was. I’ve also found that even though the learning curve slows me down, I can do things more quickly than in Bb. Finally, I have to say that my students are far more receptive to Canvas and are having a far easier time with it than they did Bb.

Next semester, we are on schedule to have five colleges/schools using Canvas. University-wide usage will begin in the fall semester of 2018 with Blackboard being completely shut down in September 2018.

This is my first installment of this series of journals. I know I have not gone into any specifics of using Canvas. Don’t fret, they will come. For this entry, I simply wanted to outline our journey to Canvas.

In honor of National Cyber Security Awareness Month (NCSAM), I thought it would be helpful to explain three key Wayne State University technology systems that help protect the network and the privacy of employees and students. Keep an eye out all month for this series!

The first technology that I want to discuss is the WSU Virtual Private Network or VPN.

In a recent discussion with a colleague in my home academic department, I was asked: “What is this VPN thing that I’m being asked to use to access STARS?”

Simply put, I explained, once you sign in to the VPN it is the equivalent to being on campus and working on WSU’s network. A VPN provides a secure, encrypted tunnel in which data is transmitted between the remote user and a company’s network. It allows our Wayne State employees to access systems remotely and maintain a secure link to those important systems.

VPNs are becoming more well known since the federal government recently overturned regulations that would have required internet service providers to get your explicit consent before they share or sell your web browsing history and other sensitive information [i]. For this reason, many tech-savvy consumers are choosing to use a private VPN service to protect their identity and online activity. In the same way as described above, this means that no one can eavesdrop or track a user’s online activities.

A VPN is especially useful when accessing public Wi-Fi hotspots that may not be secure or when accessing the internet from another country. They provide you, the consumer, with unfettered internet access, and help to prevent data theft and unblock websites.

As privacy matters are becoming more and more important, secure technologies make certain that the data that we use in our work here at Wayne State is secure. I would also suggest, if you are concerned about your own privacy on the internet, that you consider using these technologies in your everyday usage of the internet. There are many VPN services available to the public and they can do a great deal to protect your information.

The Wayne State VPN has an additional layer of security with two-factor authentication. I’ll share more about how this works next week.

Oct. 1 begins National Cybersecurity Awareness Month (CSAM). This is an initiative that was co-founded by the National Cyber Security Alliance and the U.S. Department of Homeland Security. Now in its fourteenth year, this month of watchfulness stretches to countries around the world under the auspices of CSAM. As we move into the month, I want to remind the Warrior community that we are all responsible for our own cyber security. The core message of CSAM is that the, “internet is a shared resource and securing it is our shared global responsibility.”

In order to encourage everyone to take Cyber Security into their own hands, the NCSA has initiated an awareness and education campaign for online safety and protecting your personal information. It is called: STOP. THINK. CONNECT.™ The great thing is that people are in no way being told that the internet is so dangerous that we shouldn’t use it. The campaign is just stating that we all need to stop to think about the consequences of our actions and then enjoy all the benefits the internet has to offer.

The National Cybersecurity Alliance has some pointers I’d like to offer you so that you can remain #cyberaware:

Lock down your login: A password and a username is not really enough to protect your important accounts. Use stronger authentication tools (security keys, biometrics, etc.) whenever possible. Two-step authentication can be your best friend when you want to keep your info safe. (Find info about two-step authentication at Wayne State at kb.wayne.edu/160520.)

Keep a clean machine: Make certain that all software and apps on your mobile devices and computers are up to date. This makes certain that security updates are working in your favor.

When in doubt, throw it out: If you receive an email, tweet or posting that has a link and you do not recognize it, just delete it or mark it as junk.

Back it up: Protect all your digital information by keeping copies in a safe place. You do not want to lose your valuable data if something should happen to one of your devices.

Own your online presence: Make certain that you are comfortable with your privacy and security settings for websites. The site’s default may tell people more about you than you realize. Check your privacy settings.

Share with care: Think before you post anything about yourself or other people online. What is revealed could affect you or your friends and family more than you initially think.

Personal information is like money.Value it. Protect it: Your interests, location, purchase history, etc. is valuable to a lot of people. Be mindful of the apps and websites you are using and what they may be collecting about you.

The internet offers a plethora of information and entertainment. While you are online laughing at cat videos, make certain that you are watching out for your privacy and security. Be #cyberaware

The opinions expressed in this blog are solely those of the individuals posting them and do not necessarily represent the views of Wayne State University, its administration, faculty, staff or students. The University is not responsible for the accuracy of blog content and accepts no liability for such material.